Created attachment 8025 [details] Wireshark trace (server 192.168.100.100 win7 client 192.168.100.101) Hello, I have following version of Samba4: Version 4.1.0pre1-GIT-9fc42da and trying to apply acl on shared folders from win7 but it is just not functionning: for instance I just created the folder foldertest and trying to set permission deny on everyone and it gives the below error: [2012/10/10 03:19:56.221168, 0] ../source3/smbd/posix_acls.c:1898(add_current_ace_to_acl) add_current_ace_to_acl: malformed ACL in file ACL ! Deny entry after Allow entry. Failing to set on file foldertest. also whatever I do I only get the below errors? [2012/10/10 02:39:22.008985, 0] ../source3/smbd/posix_acls.c:1898(add_current_ace_to_acl) add_current_ace_to_acl: malformed ACL in file ACL ! Deny entry after Allow entry. Failing to set on file test. [2012/10/10 02:41:47.861209, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) smb_acl_to_posix: ACL group:users:--- other::--- user::rwx group::--- group:3000017:rwx user:root:rwx group:users:--- mask::rwx is invalid for set (Success) [2012/10/10 02:42:01.876497, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) smb_acl_to_posix: ACL group:users:--- other::--- user::rwx group::--- group:3000017:rwx user:root:rwx group:users:--- mask::rwx is invalid for set (Success) [2012/10/10 02:52:51.475171, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) smb_acl_to_posix: ACL group:users:--- other::--- user::rwx group::--- group:3000017:r-x user:root:rwx group:users:--- mask::rwx is invalid for set (Success) [2012/10/10 02:53:59.949092, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) smb_acl_to_posix: ACL group:users:--- other::--- user::rwx group::--- group:3000017:r-x user:root:rwx group:users:--- group:3000018:r-x mask::rwx is invalid for set (No such file or directory)
Created attachment 8026 [details] this is the smbd log actually don't know how to collect a level trace for it.
Set the lines: log level = 10 max log size = 0 log file = /usr/local/samba/var/log.%m in the [global] section of your smb.conf, restart smbd and then repeat the operation. Don't forget to upload the correct wireshark capture file and also the contents of the debug level 10 log files. Thanks, Jeremy.
Created attachment 8040 [details] List of traces in attched zip file Hi, I collected traces again in attachment: these are the log files: log.192.168.100.101 log.virtualserver log.smbd please note that the virtualserver is same as 192.168.100.101, don't know why 2 different traces were generated. regarding the wireshark traces, there are two: One I try to set modify permission for a user on the shared folder: modifyPermission.pcapng the other I set deny all on the shared folder: denyAll.pcapng
Hello Jeremy. I've uploaded the traces. (In reply to comment #2) > Set the lines: > > log level = 10 > max log size = 0 > log file = /usr/local/samba/var/log.%m > > in the [global] section of your smb.conf, restart smbd and then repeat the > operation. Don't forget to upload the correct wireshark capture file and also > the contents of the debug level 10 log files. > > Thanks, > > Jeremy.
Created attachment 8041 [details] Additional trace log.%m there was another trace: log.%m which I am attaching additionaly
Hello, This issue seems related to: Bug 9160 after I've applied vfs objects = acl_xattr to each share that requires ACL's to be mapped. I have no error anymore. is there anywhere I can find more documentation about how to configure the smb.conf? inno.
I've just started looking at the source of this (Please forgive me for any stupid ideas, I'm 16, only know a tiny bit of C and primarily program Java), but looking at smb_acl_to_posix() within source3/modules/vfs_posixacl.c, shouldn't all the checks that look for a return of 0 actually be checking for 1? I'm guessing a possible workaround could be to stop the fail: section from actually clearing an ACL?
*** This bug has been marked as a duplicate of bug 9160 ***